Plone User deactivation instead of deletion

Hi all,

I have a use-case, where I need to need to deactivate a plone user so that the user cannot able to login into the system (from both restapi and browser based)

Is the plone has already this feature or any good suggestion?

I would try changing the user id, password, and also the email address property. But I am not sure how it will affect existing content. Likely though, you can regain content creator mapping after you revert to the original id.

That is a good idea! But I think it will bring some complexity and data integrity/inconsistency.

  1. For example now a new user can be created with the deactivated username/email and that would make some bad situation, especially existing on contents (ownership, local roles)
  2. Enabling user again could be complex, (password retrieve)

Right. Probably just change the password and email. Retain the email user id. Plone should not allow the creation of users with the same id. So you need to set use email as user id in the control panel.

What if the user click on "Trouble logging in? Get help"?

If you switch to LDAP, pas.plugins.ldap supports account_expiration (by date).